package com.rainbow.bam.action;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

import com.rainbow.bam.util.StringUtil;

/**
 * LoginController负责打开登录页面(GET请求)和登录出错页面(POST请求)，
 * 
 * @author zhaolei
 * @version $Id: LoginController.java, v 0.1 2015年11月11日 下午4:26:48 zhaolei Exp $
 */
@Controller
public class LoginController {
    /**
     * 日志s
     */
    private static final Logger logger = LoggerFactory.getLogger(LoginController.class);

    /**
     * 根路径跳转登陆页面
     * 
     * @param request
     * @param response
     * @param model
     * @return
     */
    @RequestMapping(value = "/", method = RequestMethod.GET)
    public String context(HttpServletRequest request, HttpServletResponse response, Model model) {
        return "redirect:/login";
    }

    /**
     * 处理登陆get请求，加载登陆页面
     * 
     * @return 登陆页面
     */
    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String login() {
        return "base/login";
    }

    /**
     * 处理身份认证异常后的 post 请求
     * 
     * @param request 
     * @param userName 登陆用户账户
     * @param model
     * @return 登陆异常后定向路径
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public String fail(HttpServletRequest request,
                       @RequestParam(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM) String userName,
                       Model model) {
        logger.error(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
        String exception = (String) request
            .getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);

        if (StringUtil.equals(UnknownAccountException.class.getName(), exception)) {
            model.addAttribute("loginError", "用户不存在！");
        } else if (StringUtil.equals(IncorrectCredentialsException.class.getName(), exception)) {
            model.addAttribute("loginError", "密码错误！");
        } else if (StringUtil.equals(LockedAccountException.class.getName(), exception)) {
            model.addAttribute("loginError", "账户已经锁定，请联系管理员！");
        } else if (StringUtil.equals(ExcessiveAttemptsException.class.getName(),exception)){
            model.addAttribute("loginError", "密码错误3次，锁定登陆10分钟！");
        }else {
            model.addAttribute("loginError", "登陆异常，请重试！");
        }
        model.addAttribute("userName", userName);
        return "base/login";
    }
}
